using piv cards with nih login chris leggett nih login technical lead cit/nih
DESCRIPTION
Using PIV Cards with NIH Login Chris Leggett NIH Login Technical Lead CIT/NIH. Overview. Architecture Web PIV authentication Flow Application integration. Architecture. NIH Login AuthN Flow Part 1. Yes. No. NIH Login AuthN Flow Part 2. Yes. No. No. No. Yes. Yes. No. Yes. - PowerPoint PPT PresentationTRANSCRIPT
Using PIV Cards with NIH Login
Chris LeggettNIH Login Technical Lead
CIT/NIH
Page 2
Overview
• Architecture
• Web PIV authentication Flow
• Application integration
Integration Services Center (ISC)Contact: [email protected]
Page 4
NIH Login AuthN FlowPart 1
Yes
No
Integration Services Center (ISC)Contact: [email protected]
Page 5
NIH Login AuthN FlowPart 2
Yes
Yes
NoNo
Yes
Yes
No
No
Integration Services Center (ISC)Contact: [email protected]
Page 6
NIH Login AuthN FlowPart 3
Yes
No
Integration Services Center (ISC)Contact: [email protected]
Page 7
Application Integration
• New applications– SiteMinder Web Agent– Process the HTTP headers
• Current NIH Login protected apps– Authentication Scheme change
• Step-up authentication
• How to determine what credential was used?
Integration Services Center (ISC)Contact: [email protected]
Page 8
Determine AuthN Context
NIST LOA NIH Login LOA Range
AuthN Context
1 100-199 OpenID 120
SAML 130
InfoCard 140
2 200-299 eRA Commons user/pass
230
NIH AD user/pass 260
3 300-399 InfoCard 340
4 400-499 HHS issued PIV to NIH User
460
Integration Services Center (ISC)Contact: [email protected]
Page 9
Lets Get Started!
NIH ISC Support
Integration Services Center (ISC)Contact: [email protected]